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\ WHAT IS CLAIMED IS: 

1. A portable unit comprising: 

storage means for storing registration data; and 
encryption! means for encrypting the registration 
data stored in Laid storage means in executing personal 
authentication Aased on the registration data and new 
input information, and supplying the obtained cipher to 
a personal authentication unit which is communicatively 

i portable unit and executes the 
Lcation . 

according to claim 1, wherein the 
registration data is personal biological data. 

3. A unit according to claim 1, wherein said 
unit further comprises random number generating means 
for generating a random number when the personal 
authentication is to be executed, and said encryption 
means comprises means for supplying, to said personal 
authentication unuLt, a ciphertext obtained by 
encrypting the registration data with a random number 
generated by said random number generating means and 
a ciphertext obtained by encrypting the random number 
with a key held by said personal authentication unit. 

4. A personal authentication unit having tamper 
resistance, comprising : 

tamper-resistiant decryption means for obtaining 
registration data py decrypting a ciphertext supplied 
from a portable unp.t for storing the registration data 
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and outputtiing the ciphertext obtained by encrypting 
the registration data; 

input means for inputting input information; and 
collation means for collating the registration 
5 data obtained from said decryption means with the input 

information ilnput from said input means. 

5. A portable unit comprising: 

means for storing registration data; and 
encryption means for, in executing a personal 

10 authentication! based on the registration data 

and new input Information, supplying a ciphertext 
obtained by enorypting the registration data stored in 
the said storage means to a fixed section which is 
communicatively Iconnected to said portable unit and 

15 performs transfeir processing including encryption 

between said portable unit and a plurality of personal 
authentication ui^its for performing personal 
authentication . 

6. A personal authentication system having tamper 
20 resistance, comprising: 

a tamper-resiistant fixed section including: 
first tamper-resistant decryption means for 
obtaining registration data by decrypting a ciphertext 
supplied from a portable unit for storing the 
25 registration data and outputting the ciphertext 

obtained by encrypting the registration data; 

encryption means for sending a ciphertext obtained 



by encrypting the registration data obtained from 
said first decryption means with a predetermined 
cryptographic key ; 

a plurality of tamper-resistant personal 
authentication units each of which is movably 
installed; \ 

secona decryption means for obtaining registration 
data by decrypting the ciphertext sent from said 
decryption means with a predetermined cryptographic 
key; and \ 

collation means for collating the registration 
data obtained! from said second decryption means with 
the input information, 

7 . A computer readable medium used for 
a tamper-resistant portable unit which can communicate 
with a personal authentication unit for executing 
personal authentication and includes a computer, said 
medium storing a program for 

causing said computer to execute a procedure for 
storing registration data in storage means; and 

causing said computer to execute an encryption 
procedure for enarypting the registration data and 
supplying the obtlained ciphertext to said personal 
authentication unn_t when executing the personal 
authentication, 1 

8 ♦ A computer readable medium used for 
a tamper-resistantl personal authentication 



• 
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unit having a computer and executing a personal 
authentication on the basis of a ciphertext supplied 
from a tamper-resistant portable unit for storing 
registration data and outputting a ciphertext obtained 
5 by encrypting the registration data, said medium 

storing a Iprogram for 

causing said computer to execute a decryption 
procedure for obtaining registration data by decrypting 
the cipher-next supplied from said portable unit; 

10 causing said computer to execute an input 

procedure for inputting input information; and 

causing said computer to execute a collation 
procedure for collating the registration data obtained 
by the decryAt procedure with the input information. 

15 9. A computer readable medium used for 

a tamper-resistant portable unit having a computer 
and capable of communicating with a personal 
authentication! system including a tamper-resistant 
fixed section which has a computer and obtains 

2 0 registration darba by decrypting a ciphertext supplied 

from a tamper-resistant portable unit for storing 
registration datia and outputting a ciphertext obtained 
by encrypting the registration data, encrypts the 
obtained registration data by using a predetermined 

2 5 cryptographic keyl, and transfers the ciphertext to 

a plurality of personal authentication units for 
executing personal! authentication, and said plurality 
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of tamper-resistant personal authentication units each 
of whidh has a computer, decrypts the ciphertext from 
said fixed section, and collates obtained information 
with input information, thereby executing a personal 
5 authentication, said medium storing a program for 

causing said computer to execute a procedure for 
storing registration data; and 

causing said computer to execute an encryption 
procedure for supplying the ciphertext obtained by 

10 encrypting \the registration data to said fixed section 

when executing the personal authentication, 

10. A computer readable medium used for a personal 
authentication system including a tamper-resistant 
fixed sectioi^ which has a computer and obtains 

15 registration tiata by decrypting the ciphertext supplied 

from a tamper-lresistant portable unit for storing 
registration data and outputting a ciphertext obtained 
by encrypting the registration data, encrypts the 
obtained registration data by using a predetermined 

2 0 cryptographic k&y, and transfers the ciphertext to 

a plurality of personal authentication units for 
executing personal authentications, and said plurality 
of tamper-resistant personal authentication units each 
of which has a computer, decrypts the ciphertext from 

25 said fixed sectiori, and collates obtained information 

with input information, thereby executing a personal 
authentication, sadld medium storing a program for 
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causing said computer of said fixed section to 
execute! a first decryption procedure for obtaining 
registration data by decrypting a ciphertext supplied 
from said portable unit; 
5 causing said computer to execute a second encrypt 

procedure! for encrypting the registration data obtained 
by the fir\st decryption procedure with a predetermined 
cryptographic key and sending the obtained ciphertext; 

causing said computer of each of said personal 
10 authentication units to execute a second decryption 

procedure foW obtaining registration data by decrypting 
the ciphertext sent by the second encryption procedure 
with a predetermined cryptographic key; and 

causing paid computer to execute a collation 
15 procedure for Icollating the registration data obtained 

by the second pecrypt procedure with the input 
information . 

11. A persbnal authentication system comprising; 
a tamper-resistant portable unit including: 
2 0 a memory fdr storing registration data; 

encryption means for, when a personal 
authentication is to be executed, encrypting 
the registration flata stored in said memory; 

supply means \f or supplying the registration data 
2 5 encrypted by said fencryption means to a personal 

authentication unitl; 

a tamper-resistant personal authentication unit 
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capable of communicating with said portable unit, 
including: 

input mearis for inputting registration data; 
decryption! means for decrypting the encrypted 
registration data supplied from said supply means; and 

collation means for collating the registration 
data decrypted by said decryption means with the 
registration datja input by said input means. 

12. A systein according to claim 11, wherein said 



portable unit and 
further comprise 



said personal authentication unit 
authentication means for performing 



mutual authentication between said portable unit and 



said personal aut 
13. A system 
authentication me 
and private keys 
the certificates 
authenticating in 
and said unit mutu 



lentication unit. 

according to claim 12, wherein said 
ims respectively have certificates 
4nd execute verification of 

nd mutual authentication of 
formation indicating that said unit 
lly have the private keys. 



14. A system according to claim 13, wherein 



said portable unit 
said personal auth 



verifies the certificate of 
sntication unit by decrypting 
a signature of an authentication office which is 
contained in the certificate received from said 
personal authentication unit by using a public key of 
the authentication Office, and performing true-false 
determination of the decryption result by using a name 
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of the authentication office. 

15. A system according to claim 11, wherein the 
input information collated by said collation means is 
personal biological information. 

16. A portable unit used for said personal 
authentication system defined in claim 11, comprising: 

random number generating means for generating 
a random number when the personal authentication is to 
be executed ; and 

encryption means for generating a first ciphertext 
by encrypting the registration data with the random 
number generated by said random number generating means, 
generating a second ciphertext by encrypting the random 
number by using! a key obtained from said personal 
authentication Wit, and supplying the first and second 
ciphertexts to said personal authentication unit. 

17. An article of manufacture comprising: 



a computer 
readable program 



readable medium having computer 
code means embodied therein for 
causing a personal authentication to be performed 
between a portable unit and a personal authentication 
unit, the computer program code means in said article 
of manufacturing comprising: 

computer readable program code means for causing 
a computer to encrypt, when the personal authentication 
is to be performed, the registration data and to supply 
the encrypted registration data to the personal 
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authentication unit; 

computer readable program code means for causing 
the comduter to decrypt the encrypted data to obtain 
the registration data; 
5 computer readable program code means for causing 

the computer to input registration data; and 

computer readable program code means for causing 
the computer to collate the registration data obtained 
by the decryption with the inputted registration data, 
10 18. Al personal authentication system comprising: 

a tamber-resistant portable unit including: 

a memory fpr storing registration data; 

a tamder-resistant fixed section containing 
a plurality! of personal authentication units for 
15 performing Encryption and transfer processing between 

said portable unit and said plurality of personal 
authentication units; 

first encryption means for supplying a ciphertext 
obtained by encrypting the registration data stored in 
2 0 said memory tio said fixed section; 

the saidl fixed section including: 

first decryption means for obtaining registration 
data by decrypting the ciphertext supplied from said 
first encryption means; and 
2 5 second encryption means for encrypting the 

registration data obtained by said first decrypting 
means with a predetermined cryptographic key, and 
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sending the obtained ciphertext; 

said plurality of personal authentication units 
having tamper- resistance is capable of executing 
personal authentications on the basis of the 
registration data in said portable unit and new 
input information, each of said personal authentication 
units includinj: 

second decryption means for obtaining registration 
data by decrypting the ciphertext sent from said second 
encryption means with a predetermined cryptographic 
key; and 

means for collating the registration 

ty said second decryption means with the 
on . 

19. A porjtable unit used for said personal 

system defined in claim 18, comprising: 



collation 
data obtained 



authentication 



random number generating means for generating 
a random number when the personal authentication is to 
be executed; and 

first encryption means for supplying, to said 

a ciphertext obtained by encrypting the 
<Iata with the random number generated by 
said random n amber generating means and a ciphertext 
obtained by encrypting the random number with a key of 
said fixed section. 



fixed section 
registration 



